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DETAILED ACTION 

1. This office action replaces the previous non-final office action dated 8/3/07. 

Claim Rejections - 35 USC §102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-3 are rejected under 35 U.S.C. 102(E) as being anticipated by Hurren (U.S. 
Patent No.: 6,788,681). 

Referring to claiml, Hurren teaches: A method for sending data through a provider network from 
an originating network to a destination network in a virtual private network (col. 2 lines 14 to 54) 
the method comprising: 

encapsulating data link layer data from the originating network in a network layer packet (The 
ingress iPT card encapsulates the LAN data frame (data link layer) in an IP packet (network 
layer packet per col, 2 lines 14 to 54) 

determining whether a data link layer address of a destination device in the destination network 
is mapped to a network layer address of an egress line interface in the provider network (The 
ingress IPT card determines if the egress iPT card's IP Destination address is retrievable from 
the database which associated the IP destination address with the MAC destination address per 
col. 2 lines 14 to 54) 

when the destination device address is not mapped to the egress line interface address 
broadcasting the network layer packet to a multicast address associated wit the VPN (If there is 
not an entry in the database for the IP Destination address associated with the MAC Destination 
address then the IP packet is sent to the multicast address for all iPT egress cards per col. 2 lines 
14 to 54) 

In addition Hurren teaches: 
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Regarding claim 2, further comprising with the destination device address is mapped to the 
egress line interface address based on a.previous transmission from, the destination device unicast 
the network layer packet to the egress line interface, unicasting the network layer packet to the 
egress line interface address (The database is inherently created based upon receipt of a 
previously received packet or transmission from a destination device. The iPT ingress card 
would look up the value of the destination IP address based upon the destination MAC address 
and send to the single address or unicast per col. 2 lines 14 to 54) 

Regarding claim 3, further comprising adding a VPN identification number corresponding to the 
VPN to the network layer packet (col. 3 lines 22 to 27) wherein the data link layer data from the 
network layer packet is decapulated only when the VPN identification number is verified after 
the egress line interface received the network layer packet (The iPT card egress inherently 
decapsulated the packet when the VPN identification number is verified and forwards the frame 
to the inherent destination device per col. 3 lines 22 to 36) 

4. Claim 1 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 

Patent No.: 6,788,681) in view of Lamberton (U.S. Patent No.: 6,789,121) 

Referring to claim 18, Hurren teaches: A method of providing broadband access for a customer 
in a virtual private network (VPN) (Fig 2 A) comprising a plurality of local network (LANs) (12, 
14, & 16 per Fig 2 A) interfacing with at least one telecom service provide network (inherent 
provider for 10 per Fig 2 A), each TSP network comprising a plurality of interfaces 
corresponding to the plurality of LANS (24 per Fig 2A) the method comprising: 

Assigning a unique VPN identification number (VPN identifier per col. 3 lines 22 to 36) 

Assigning a common multicast address to the plurality of interfaces (iPT card egress multicast 
address per col. 2 lines 14-54) and a unique unicast address to each of the plurality of interfaces 
(iPT card IP destination address) 

Receiving data from an originating LAN the data being directed to a destination device in a 
destination LAN the origination LAN corresponding to an ingress interface of the plurality of 
interfaces and the destination LAN corresponding to an egress interface of the plurality of 
interfaces (The iPT ingress card receives LAN data with a MAC destination address 
corresponding to the iPT egress card of a plurality of iPT egress cards per col. 3 lines 22 to 36) 

When the destination device address is not mapped to the destination LAN encapsulating the 
data in a multicast packet having the unique address of the ingress interface as a source address 
and the multicast address as a destination address (When the destination address in the LAN 
packet which inherently carries a MAC source address is sent to a iPT egress card whose IP 
Destination address is not mapped in the database with the corresponding MAC destination 
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address the LAN packet is encapsulated and sent to the multicast address as a destination 
address which is associated with the iPT card egress VPN per col. 3 lines 22 to 36) 

Transmitting the encapsulated data to all interface corresponding to the plurality of LANs based 
on the multicast address (The iPT ingress card encapsulates the LAN data corresponding to the 
plurality of LANs and sends to the multicast address as a destination address which is associated 
with the iPT cards egress VPN per col. 3 lines 22 to 36) wherein the frame is decapsulated only 
at the egress interface and the egress interface forward the frame to the destination device (The 
iPT card egress decapsulated the packet and forward the frame to the inherent destination device 
only if the VPN identifier is appropriate per col. 3 lines 22 to 36) 

Hurren does not expressly call for: VPN identifier assigned to a customer. 

Lamberton teaches: VPN identifier assigned to a customer per Fig 1. 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
VPN the customer identifier of Lamberton to the VPN of Hurren so that a single customer traffic 
can be uniquely routed over a public network 

5. Claim 19-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 
Patent No.: 6,788,681) in view of Lamberton (U.S. Patent No.: 6,789,121) further in view of 
Blanchet (U.S. Patent Publication No.: US2004/0013130) 

Referring to claim 19, the combination of Hurren and Lamberton teach: the method of broadband 
access according to claim 18 and Hurren teaches: further comprising with the destination device 
address is mapped to the egress line interface address based on a previous transmission from the 
destination device unicast the network layer packet to the egress line interface, unicasting the 
network layer packet to the egress line interface address (The database is inherently created 
based upon receipt of a previously received packet or transmission from a destination device. 
The iPT ingress card would look up the value of the destination IP address based upon the 
destination MAC address and send to the single address or unicast per col. 2 lines 14 to 54 

The combination of Hurren and Lamberton do not expressly call for: IPv6 packets 

Blanchet teaches: IPv6 packets per Ph 1 Para [005] 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the IPv6 packet of Blanchet in place of the IP packet (inherently IPv4) of the combination of 
Hurren and Lamberton because IPv4 packet's address space is running out and all IPv4 system 
will eventually have to be replaced with IPv6 in order to withstand the growth associated with 
the Internet. 
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In addition Hurren teaches: 

Regarding claim 20, further comprising: entering the VPN identification number in one of the 
multicast packet and the unicast packet (col. 3 lines 22 to 27) wherein the egress interface reads 
the VPN identification to verify that the received packet is associated with the VPN (iPT card 
egress inherently reads the VPN identification in order to verify that the received packet is 
associated with the VPN per col. 2 lines 14 to 54) 



Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 21, 5-6, & 12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hurren (U.S. Patent No.: 6,788,681) in view of Blanchet (U.S. Patent Publication No.: 
US2004/0013130) 



Referring to claim 21, Hurren teaches: A method for providing broadband access to a virtual a 
virtual private network (Fig 2 A) comprising a plurality of local area networks (LANS) (12, 14, & 
16 per Fig 2A) configured to interface with an service provider (inherent provider for 10 per Fig 
2A) through broadband access links (connection via 24 per Fig 2A) the method comprising: 

encapsulating the LAN frame from an originating LAN of the VPN in an IP packet of the service 
provider network (The ingress iPT card encapsulates the LAN data frame in an IP packet 
(network layer packet) via inherent service provider network per col. col. 6 line 62 to col. 9 line 
36) 

adding a VPN identification number corresponding to the VPN to the IP packet (The ingress iPT 
receives a LAN frame adds a TID (VPN identification number) corresponding to the VPN and 
encapsulate the LAN frame into an IP packet which is directed to the egress or 2 nd iPT card per 
col. 6 line 62 to col. 9 line 36) 



r 



! 



Application/Control Number: 10/628,238 Page 6 

Art Unit: 2616 

determining whether an address of a destination device in a destination LAN is mapped to an 
egress line interface (The ingress IPT card determines if the egress iPT card's IP Destination 
address is retrievable from the database which associated the IP destination address with the 
MAC destination address per col. 6 line 62 to col. 9 line 36) 

when the address of the destination device address is not mapped to the egress line interface 
address broadcasting the IP packet to a multicast address with the VPN (If there is not an entry 
in the database for the IP Destination address associated with the MAC Destination address then 
the IP packet is sent to the multicast address for all iPT egress cards per col. 6 line 62 to col. 9 
line 36) 

wherein the IP packet is received at the egress line interface based on the multicast address, the 
LAN frame being decapsulated and transmitted to the destination LAN when the VPN 
identification number is verified (The iPT card egress inherently decapsulated the packet when 
the VPN identification number is verified and forwards the frame to the inherent destination 
device per col. 6 line 62 to col. 9 line 36) 

Hurren does not expressly call for: IPv6 packets 

Blanchet teaches: IPv6 packets per Pg I Para [005] 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the IPv6 packet of Blanchet in place of the IP packet (inherently IPv4) of Hurren because IPv4 
packet's address space is running out and all IPv4 system will eventually have to be replaced 
with IPv6 in order to withstand the growth associated with the Internet. 

In addition Hurren teaches: 

Regarding claim 5, wherein the IPv6 packet is discarded when the VPN identification number is 
not verified (If TID of VPN identification is not recognized then the packet is discarded per col. 
6 line 62 to col. 9 line 36) 

Regarding claim 6, in which the IPv6 packet includes an IPv6 address of an egress line interface 
to which the IPv6 packet is routed for verification as an destination address when the address of 
the destination address is mapped to the egress line interface (If the destination address is 
recognized then the packet is routed to the egress line and the address is inherently verified prior 
to forwarding to an inherent end device per col. 6 line 62 to col. 9 line 36) 

Regarding claim 12, further comprising: mapping an address of the egress line interface to the 
address of the destination device based on address information received by the ingress line 
interface in transmission form the destination address (col. 6 line 62 to col. 9 line 62) and 

Transmitting subsequent IPv6 packets to the destination advice using a unicast address of the 
egress line interface based on the mapping (col. 6 line 62 to col. 9 line 36) 
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8. Claims 7-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 
Patent No.: 6,788,681) in view of Blanchet (U.S. Patent Publication No.: US2004/0013130) 
further in view of Khalil (U.S. Patent No.: 7,1 10,375) 

Referring to claim 7 the combination of Hurren & Blanchet teach: the method for providing 
broadband access of the VPN according to claim 4 and IPv6 packet 

The combination of Hurren and Blanchet do not expressly call for: VPN number in a header 
extension per Fig 4 

Khalil teaches: VPN number in a header extension (VPN INDEX or VPN number per Figs 5 & 
6) 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the VPN number in the header extension Khalil to system of the combination of Hurren and 
Blanchet in order to build a system in which packets can be routed on a VPN basis. 

Referring to claim 8 the combination of Hurren, Blanchet, and Khalil teach the method for 
providing broadband access to the VPN according to claim 7 and the VPN identification number. 

Hurren and Khalil do not expressly call for: VPN identification number to include a multiple of 
four octets 

Blanchet teaches: VPN identification number to include a multiple of four octets (370 per Fig 4 
is made up of 32 bits or four octets) 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the VPN identification number which is a multiple of four octets of Blanchet to the VPN of the 
combination of Hurren, Blanchet, and Khalil in order to utilize a 32 bit word format of Figure 4. 

Referring to claim 9, the combination of Hurren , Blanchet , and Khalil teach: the method for 
providing broadband access to the VPN according to the claim 7and Khali teaches in which the 
optional header extension further identifies (VPN index ) further identifies the VPN 

The combination of Blanchet and Khalil do not teach: discarding the IPv6 packet when the 
egress interface does not recognize the destination 

Hurren teaches that the iPT discard the IP packet when it does not recognize the destination. 
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It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the discarding of Hurren to a system which sends the VPN Identifier in an optional header 
extension of the combination of Hurren, Blanchet, and Khalil in order to utilize the optional 
header extension for sending the VPN identifier. 

9. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 
Patent No.: 6,788,681) in view of Blanchet (U.S. Patent Publication No.: US2004/0013130) in 
view of Khalil (U.S. Patent No.: 7,1 10,375) further in view of Mannam (Patent Pub No.: 
US2004/0 105459) 

Referring to claim 10, combination of Hurren , Blanchet , and Khalil teach: the method for 
providing broadband access to the VPN according to the claim 7and Khali teaches in which the 
header extension further identifies (VPN index ) further identifies the VPN and IPv6 

The combination of Hurren, Blanchet and Khalil do not teach: the optional header extension 
further identifies a VPN hop number which indicates a number of line interfaces that transmit the 
packet. 

Mannam teaches: the optional header extension further identifies a VPN hop number which 
indicates a number of line interfaces that transmit the packet (Time to live or hop count which 
keeps track of the number of switches per Pg 4 Para[0046]) 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the optional header extension further identifies a VPN hop number which indicates a number of 
line interfaces that transmit the packet of Mannam to the optional header of the combination of 
Hurren, Blanchet, and Khalil in order to build a system which keeps track of the time to live of a 
packet. 

10. Claims 22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 

Patent No.: 6,788,681) in view of Blanchet (U.S. Patent Publication No.: US2004/0013130) 

Referring to claim 22, Hurren teaches: An interface device for providing broadband access to a 
virtual private network (VPN) the VPN comprising a plurality of local area networks (LANS) 
configured to interface with an IPv6 service provider network (The iPT is the interface device 
per col. 6 line 62 to col. 9 line 36), the interface device comprising: 

An ingress line interface connectable to at least one LAN via broadband access link (The iPT has 
line input 24 per Fig 21 to connect an LAN to a SONET ring per col. 6 line 62 to col. 9 line 36) 
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A receiving configured to receive a LAN frame from a first LAN of the at least one LAN at the 
ingress line interface corresponding to the first LAN to encapsulated the LAN frame in an IP 
packet and to add a VPN identification number corresponding to the VPN to the IPv6 packet the 
LAN frame directed to a second LAN (The iPT card receives the frame from a first LAN (12 per 
Fig 2 A) at the line into 24 per Fig 2 A per ingress line interface corresponding to (12 per Fig 2 A) 
and encapsulates the LAN frame into IP and adds a TID (VPN identification) and directs the 
LAN frame to the second (12 per Fig 2A) per col. 6 line 62 to col. 9 line 36) 

An ingress virtual bridge corresponding to the ingress line interface, configured to associate an 
address of the destination device in the second LAN with an address of an egress line interface of 
the second interface device (The ingress iPT card corresponding to input 24 per Fig 2A (ingress 
line interface) is configured to associated the destination address of the of the second LAN with 
an address in an inherent table (ingress virtual bridge) per col. 6 line 62 to col. 9 line 36) 

Wherein the first interface device broadcasts the IP packet to a multicast address associated with 
the VPN when the ingress virtual bridge is not able to associate the address of the destination 
device in the second LAN with the address of the egress line interface of the second interface 
device (The first ipT card sends the IP packet to a multicast address or broadcasts associated with 
the VPN when the inherent table in the first iPT does not recognize the destination address per 
col. 6 line 62 to col. 9 line 36) 

Wherein the second interface device receives the IP packet at the egress line interface based on 
the multicast address (The egress or second iPT card receive the packet at line 24 per Fig 2A or 
egress line interface based upon the multicast address per col. 6 line 62 to col. 9 line 36) 



Hurren does not expressly call for: IPv6 packets 
Blanchet teaches: IPv6 packets per Pg 1 Para [005] 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the IPv6 packet of Blanchet in place of the IP packet (inherently IPv4) of Hurren because IPv4 
packet's address space is running out and all IPv4 system will eventually have to be replaced 
with IPv6 in order to withstand the growth associated with the Internet. 

In addition Hurren teaches: 

Regarding claim 17, the second interface device further comprising an egress virtual bridge 
corresponding to the egress line interface the egress virtual bridge mapping an address of an 
originating device in the first LAN with the address of the ingress line interface after the second 
interface receives the broadcast Ipv6 packets directing to the originating device to the address of 
the ingress line based on the mapping (egress or 2 nd iPT card learns the address so it can send the 
packet directly per col. 6 line 62 to col. 9 line 36) t 
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Regarding claim 23, wherein the second interface device verifies the VPN identification number, 
decapsulates the LAN frame when the VPN identification number is verified and transmits the 
LAN frame to the second LAN (Egress or second iPT verifies the TID and transmits the LAN 
frame to the second LAN per col. 6 line 62 to col. 9 line 36) 

Regarding claim 14, wherein the second interface discards the IPv6 packet when it is not able to 
verify the VPN identification number (Egress or second iPT discards when not able to verify the 
TID per col. 6 line 62 to col. 9 line 36) 

11. Claim 15 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hurren (U.S. 
Patent No.: 6,788,681) in view of Blanchet (U.S. Patent Publication No.: US2004/0013130) 
further in view of Khalil (U.S. Patent No.: 7,1 10,375) 

Referring to claim 15, the combination of Hurren and Blanchet teach: the interface device for 
providing the broadband access to the VPN according to claim 23 and broadband access to the 
VPN and an IPv6 packet and a VPN identification number 

The combination of Hurren and Blanchet do not teach: VPN identification number in a header 
extension. 

Khalil teaches: VPN identification number in a header extension (VPNI or index is the VPN 
umber in the optional header extension per col. 1 1 lines 1 to 12 and Figs 5 & 6) . 

It would have been obvious to one of ordinary skill in the art at the time of the invention to add 
the VPN identification number in a header extension of Khalil in place of the VPN identifier of 
the combination of Hurren and Blanchet in order to incorporate the VPN identifier into a frame 
format. 



Response to Amendment 

12, Applicant's arguments with respect to claims 1-3, 5-10, 12, 14-15, & 17-22 have been 
considered but are moot in view of the new ground(s) of rejection. 
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Conclusion 

13. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Robert W. Wilson whose telephone number is 571/272-3075. 
The examiner can normally be reached on M-F (8:00-4:30). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on 571/272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Robert W Wilson 
Examiner 
Art Unit 2616 
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9/28/07 



